Overview: score 7
Static: score 3
Assassin X.exe (windows7-x64): score 7
Assassin X.exe (windows10-2004-x64): score 7
Injector.exe (windows7-x64): score 7
Injector.exe (windows10-2004-x64): score 7
Microsoft....ns.dll (windows7-x64): score 1
Microsoft....ns.dll (windows10-2004-x64): score 1
System.ValueTuple.dll (windows7-x64): score 1
System.ValueTuple.dll (windows10-2004-x64): score 1
General
-
Target
AssassinX_Fixed.zip
-
Size
9.4MB
-
Sample
240424-s8vmzscf95
-
MD5
265ec10ae5dd847cf3ebc0ed33b6e01d
-
SHA1
f3af8defd5de73e23597b73491c3342dcdea387a
-
SHA256
bab6f502c04201e9109a280581115b5fc5b01aab7310bda94113dc9c8c6b31e8
-
SHA512
e3394b7121b6ed79cfb914eb65b32c8f2ec2cc16d18f796c5ef0209e9165ebb57b31251fdb98a70b09a8cf6dfb15dda61db3f854174aa8a98dbec04312cf47ad
-
SSDEEP
196608:sfaOyX8CTI79ksVUAvb7WGKYtS27unFhFHPuB9BQoTNejOWJiX6DbluU1:sfa6C4kGBdKYtSxOQoTErJ5huE
Behavioral task
behavioral1
Sample
Assassin X.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
Assassin X.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral3
Sample
Injector.exe
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
Injector.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral5
Sample
Microsoft.Toolkit.Uwp.Notifications.dll
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
Microsoft.Toolkit.Uwp.Notifications.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral7
Sample
System.ValueTuple.dll
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
System.ValueTuple.dll
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
Assassin X.exe
-
Size
3.4MB
-
MD5
3d116978ecbae75701e4b942380c9cc4
-
SHA1
7a65e948e556dc5d99b9473e139e2f8c60e6f226
-
SHA256
0ef41cdb74e220a2ba138fe0625c210e0c5283c24625c1a45926a930d66dce45
-
SHA512
9253593927761298f36e2782b0e1920eaa5d13de34b02f5ad1719b3b0b5a69ac8c6c4e32e5c347a4c49cd3e6def693dddf6c5e74cfc9b97cd08ad2aca22a3602
-
SSDEEP
24576:SNgyNilNR2zTJF2ZHuduTJTyCA59q0aSeQyW72/JW363Qf0ukHe7cOFxNF:2gizdwlyCA59qRSnh2/0se7cOt
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
-
-
Target
Injector.exe
-
Size
8.0MB
-
MD5
f6ceae9c4a35e316819f77b336855b1e
-
SHA1
2380dc142f9cac975427bc9e5fe2b5465d859ad9
-
SHA256
79d08b45dcc548332cbe000742df8879934d7bd6f88e8e32558fd3410f812b22
-
SHA512
b6ef765d485430bd6871d5936cd38a8d7241555008e1be334fd69d3921eb5fb331bcb12053ac641464ffb5e2979bf254423531385aab72fe112546ff4a739bc6
-
SSDEEP
196608:Ls9OEbGXVJGyICteEroXxcw+3zlxZV3Gu5D4S26cSEqCS3L9RTKn5lu:LEuDInEroX2314S2Ilr9QDu
Score
7/10
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
-
-
Target
Microsoft.Toolkit.Uwp.Notifications.dll
-
Size
140KB
-
MD5
b4ec92287b0d96daad899236192de30e
-
SHA1
7e0ae9fd688f4a122acc38de99d166cdddde3f52
-
SHA256
8750440e6049ae487c02b41fbe3692790667504d2f31a7247c14179d302f887a
-
SHA512
ab547e3dfa75d21820416be1a38e7a7664080312efed13e9b4f14d6f9c6c759f962b6912a18fd4995cac22d9ad11bd857c61f7bbd9d1ed09effef743bdbd922f
-
SSDEEP
1536:5RdbKFBNaWYYK8gwb+zPws86WGkGaBb6ktu4YLHwYfJe5K+Q7GeH7I/65tWI6LXh:P9ENDYz2GLm6MBYLHr1+/47O/Ki
Score
1/10
-
-
-
Target
System.ValueTuple.dll
-
Size
24KB
-
MD5
23ee4302e85013a1eb4324c414d561d5
-
SHA1
d1664731719e85aad7a2273685d77feb0204ec98
-
SHA256
e905d102585b22c6df04f219af5cbdbfa7bc165979e9788b62df6dcc165e10f4
-
SHA512
6b223ce7f580a40a8864a762e3d5cccf1d34a554847787551e8a5d4d05d7f7a5f116f2de8a1c793f327a64d23570228c6e3648a541dd52f93d58f8f243591e32
-
SSDEEP
384:VyPa16oAL4D+wW9IWmDIW4IWYDMFm0GftpBjMIraQHRN7VlmTpF0:VWs6oqDjADKeDYViG+LN
Score
1/10
-